Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-10-12 | CVE-2005-1980 | Denial Of Service vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP Distributed Transaction Controller in Microsoft Windows allows remote servers to cause a denial of service (MSDTC service hang) via a crafted Transaction Internet Protocol (TIP) message that causes DTC to repeatedly connect to a target IP and port number after an error occurs, aka the "Distributed TIP Vulnerability." | 5.0 |
| 2005-10-12 | CVE-2005-1979 | Denial Of Service vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP Distributed Transaction Controller in Microsoft Windows allows remote servers to cause a denial of service (MSDTC service exception and exit) via an "unexpected protocol command during the reconnection request," which is not properly handled by the Transaction Internet Protocol (TIP) functionality. | 5.0 |
| 2005-10-12 | CVE-2005-1978 | Remote Code Execution vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP COM+ in Microsoft Windows does not properly "create and use memory structures," which allows local users or remote attackers to execute arbitrary code. | 7.5 |
| 2005-10-07 | CVE-2005-2337 | Unspecified vulnerability in Yukihiro Matsumoto Ruby Ruby 1.6.x up to 1.6.8, 1.8.x up to 1.8.2, and 1.9.0 development up to 2005-09-01 allows attackers to bypass safe level and taint flag protections and execute disallowed code when Ruby processes a program through standard input (stdin). | 7.5 |
| 2005-10-07 | CVE-2005-3178 | Remote Buffer Overflow vulnerability in XLoadImage Buffer overflow in xloadimage 4.1 and earlier, and xli, might allow user-assisted attackers to execute arbitrary code via a long title name in a NIFF file, which triggers the overflow during (1) zoom, (2) reduce, or (3) rotate operations. | 5.1 |
| 2005-10-07 | CVE-2005-2104 | Unspecified vulnerability in Redhat Sysreport sysreport before 1.3.7 allows local users to obtain sensitive information via a symlink attack on a temporary directory. | 2.1 |
| 2005-10-06 | CVE-2005-3118 | Unspecified vulnerability in William Stearns Mason 1.0.0 Mason before 1.0.0 does not install the init script after the user uses Mason to configure a firewall, which causes the system to run without a firewall after a reboot. | 7.5 |
| 2005-10-06 | CVE-2005-3177 | Local Security vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP CHKDSK in Microsoft Windows 2000 before Update Rollup 1 for SP4, Windows XP, and Windows Server 2003, when running in fix mode, does not properly handle security descriptors if the master file table contains a large number of files or if the descriptors do not satisfy certain NTFS conventions, which could cause ACLs for some files to be reverted to less secure defaults, or cause security descriptors to be removed. | 4.6 |
| 2005-10-06 | CVE-2005-3176 | Remote Security vulnerability in Windows 2000 Advanced Server Microsoft Windows 2000 before Update Rollup 1 for SP4 does not record the IP address of a Windows Terminal Services client in a security log event if the client connects successfully, which could make it easier for attackers to escape detection. | 7.5 |
| 2005-10-06 | CVE-2005-3175 | Local Security vulnerability in Windows 2000 Advanced Server Microsoft Windows 2000 before Update Rollup 1 for SP4 allows a local administrator to unlock a computer even if it has been locked by a domain administrator, which allows the local administrator to access the session as the domain administrator. | 7.2 |